Техническая информация
- [<HKLM>\SOFTWARE\Classes\CLSID\{86AEFBE8-763F-0647-899C-A93278894D8E}\Shell\Open\Command] '' = '%PROGRAM_FILES%\Internet Explorer\iexpiore.exe http://www.go6000.com/?2'
- 'C:\v558.exe'
- 'C:\v558.exe' (загружен из сети Интернет)
- '<SYSTEM32>\attrib.exe' -s -h -r "%HOMEPATH%\Desktop\Internet Explorer.*"
- %PROGRAM_FILES%\Internet Explorer\iexpiore.exe
- %HOMEPATH%\Desktop\lnternet Expl0rer.lnk
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\v558[1].exe
- C:\v558.exe
- %PROGRAM_FILES%\Internet Explorer\iexpiore.exe
- C:\v558.exe
- 'www.00##.net':80
- 'localhost':1037
- www.00##.net/v558.exe
- DNS ASK www.00##.net
- ClassName: '(null)' WindowName: '%HOMEPATH%\Desktop'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'